Gentoo Linux Security Advisory 202408-21

Gentoo Linux Security Advisory 202408-21 - Multiple vulnerabilities have been discovered in GPAC, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 2.2.0 are affected.

Packet Storm

Gentoo Linux Security Advisory GLSA 202408-21


                                       https://security.gentoo.org/  

Severity: Normal
Title: GPAC: Multiple Vulnerabilities
Date: August 10, 2024
Bugs: #785649, #835341
ID: 202408-21


Synopsis

Multiple vulnerabilities have been discovered in GPAC, the worst of
which could lead to arbitrary code execution.

Background

GPAC is an implementation of the MPEG-4 Systems standard developed from
scratch in ANSI C.

Affected packages

Package           Vulnerable    Unaffected
----------------  ------------  ------------
media-video/gpac  < 2.2.0       >= 2.2.0

Description

Multiple vulnerabilities have been discovered in GPAC. Please review the
CVE identifiers referenced below for details.

Impact

Please review the referenced CVE identifiers for details.

Workaround

There is no known workaround at this time.

Resolution

All GPAC users should upgrade to the latest version:

  emerge --sync
  emerge --ask --oneshot --verbose ">=media-video/gpac-2.2.0"

References

[ 1 ] CVE-2020-22673
https://nvd.nist.gov/vuln/detail/CVE-2020-22673
[ 2 ] CVE-2020-22674
https://nvd.nist.gov/vuln/detail/CVE-2020-22674
[ 3 ] CVE-2020-22675
https://nvd.nist.gov/vuln/detail/CVE-2020-22675
[ 4 ] CVE-2020-22677
https://nvd.nist.gov/vuln/detail/CVE-2020-22677
[ 5 ] CVE-2020-22678
https://nvd.nist.gov/vuln/detail/CVE-2020-22678
[ 6 ] CVE-2020-22679
https://nvd.nist.gov/vuln/detail/CVE-2020-22679
[ 7 ] CVE-2020-25427
https://nvd.nist.gov/vuln/detail/CVE-2020-25427
[ 8 ] CVE-2020-35979
https://nvd.nist.gov/vuln/detail/CVE-2020-35979
[ 9 ] CVE-2020-35980
https://nvd.nist.gov/vuln/detail/CVE-2020-35980
[ 10 ] CVE-2020-35981
https://nvd.nist.gov/vuln/detail/CVE-2020-35981
[ 11 ] CVE-2020-35982
https://nvd.nist.gov/vuln/detail/CVE-2020-35982
[ 12 ] CVE-2021-4043
https://nvd.nist.gov/vuln/detail/CVE-2021-4043
[ 13 ] CVE-2021-21834
https://nvd.nist.gov/vuln/detail/CVE-2021-21834
[ 14 ] CVE-2021-21835
https://nvd.nist.gov/vuln/detail/CVE-2021-21835
[ 15 ] CVE-2021-21836
https://nvd.nist.gov/vuln/detail/CVE-2021-21836
[ 16 ] CVE-2021-21837
https://nvd.nist.gov/vuln/detail/CVE-2021-21837
[ 17 ] CVE-2021-21838
https://nvd.nist.gov/vuln/detail/CVE-2021-21838
[ 18 ] CVE-2021-21839
https://nvd.nist.gov/vuln/detail/CVE-2021-21839
[ 19 ] CVE-2021-21840
https://nvd.nist.gov/vuln/detail/CVE-2021-21840
[ 20 ] CVE-2021-21841
https://nvd.nist.gov/vuln/detail/CVE-2021-21841
[ 21 ] CVE-2021-21842
https://nvd.nist.gov/vuln/detail/CVE-2021-21842
[ 22 ] CVE-2021-21843
https://nvd.nist.gov/vuln/detail/CVE-2021-21843
[ 23 ] CVE-2021-21844
https://nvd.nist.gov/vuln/detail/CVE-2021-21844
[ 24 ] CVE-2021-21845
https://nvd.nist.gov/vuln/detail/CVE-2021-21845
[ 25 ] CVE-2021-21846
https://nvd.nist.gov/vuln/detail/CVE-2021-21846
[ 26 ] CVE-2021-21847
https://nvd.nist.gov/vuln/detail/CVE-2021-21847
[ 27 ] CVE-2021-21848
https://nvd.nist.gov/vuln/detail/CVE-2021-21848
[ 28 ] CVE-2021-21849
https://nvd.nist.gov/vuln/detail/CVE-2021-21849
[ 29 ] CVE-2021-21850
https://nvd.nist.gov/vuln/detail/CVE-2021-21850
[ 30 ] CVE-2021-21851
https://nvd.nist.gov/vuln/detail/CVE-2021-21851
[ 31 ] CVE-2021-21852
https://nvd.nist.gov/vuln/detail/CVE-2021-21852
[ 32 ] CVE-2021-21853
https://nvd.nist.gov/vuln/detail/CVE-2021-21853
[ 33 ] CVE-2021-21854
https://nvd.nist.gov/vuln/detail/CVE-2021-21854
[ 34 ] CVE-2021-21855
https://nvd.nist.gov/vuln/detail/CVE-2021-21855
[ 35 ] CVE-2021-21856
https://nvd.nist.gov/vuln/detail/CVE-2021-21856
[ 36 ] CVE-2021-21857
https://nvd.nist.gov/vuln/detail/CVE-2021-21857
[ 37 ] CVE-2021-21858
https://nvd.nist.gov/vuln/detail/CVE-2021-21858
[ 38 ] CVE-2021-21859
https://nvd.nist.gov/vuln/detail/CVE-2021-21859
[ 39 ] CVE-2021-21860
https://nvd.nist.gov/vuln/detail/CVE-2021-21860
[ 40 ] CVE-2021-21861
https://nvd.nist.gov/vuln/detail/CVE-2021-21861
[ 41 ] CVE-2021-21862
https://nvd.nist.gov/vuln/detail/CVE-2021-21862
[ 42 ] CVE-2021-30014
https://nvd.nist.gov/vuln/detail/CVE-2021-30014
[ 43 ] CVE-2021-30015
https://nvd.nist.gov/vuln/detail/CVE-2021-30015
[ 44 ] CVE-2021-30019
https://nvd.nist.gov/vuln/detail/CVE-2021-30019
[ 45 ] CVE-2021-30020
https://nvd.nist.gov/vuln/detail/CVE-2021-30020
[ 46 ] CVE-2021-30022
https://nvd.nist.gov/vuln/detail/CVE-2021-30022
[ 47 ] CVE-2021-30199
https://nvd.nist.gov/vuln/detail/CVE-2021-30199
[ 48 ] CVE-2021-31254
https://nvd.nist.gov/vuln/detail/CVE-2021-31254
[ 49 ] CVE-2021-31255
https://nvd.nist.gov/vuln/detail/CVE-2021-31255
[ 50 ] CVE-2021-31256
https://nvd.nist.gov/vuln/detail/CVE-2021-31256
[ 51 ] CVE-2021-31257
https://nvd.nist.gov/vuln/detail/CVE-2021-31257
[ 52 ] CVE-2021-31258
https://nvd.nist.gov/vuln/detail/CVE-2021-31258
[ 53 ] CVE-2021-31259
https://nvd.nist.gov/vuln/detail/CVE-2021-31259
[ 54 ] CVE-2021-31260
https://nvd.nist.gov/vuln/detail/CVE-2021-31260
[ 55 ] CVE-2021-31261
https://nvd.nist.gov/vuln/detail/CVE-2021-31261
[ 56 ] CVE-2021-31262
https://nvd.nist.gov/vuln/detail/CVE-2021-31262
[ 57 ] CVE-2021-32132
https://nvd.nist.gov/vuln/detail/CVE-2021-32132
[ 58 ] CVE-2021-32134
https://nvd.nist.gov/vuln/detail/CVE-2021-32134
[ 59 ] CVE-2021-32135
https://nvd.nist.gov/vuln/detail/CVE-2021-32135
[ 60 ] CVE-2021-32136
https://nvd.nist.gov/vuln/detail/CVE-2021-32136
[ 61 ] CVE-2021-32137
https://nvd.nist.gov/vuln/detail/CVE-2021-32137
[ 62 ] CVE-2021-32138
https://nvd.nist.gov/vuln/detail/CVE-2021-32138
[ 63 ] CVE-2021-32139
https://nvd.nist.gov/vuln/detail/CVE-2021-32139
[ 64 ] CVE-2021-32437
https://nvd.nist.gov/vuln/detail/CVE-2021-32437
[ 65 ] CVE-2021-32438
https://nvd.nist.gov/vuln/detail/CVE-2021-32438
[ 66 ] CVE-2021-32439
https://nvd.nist.gov/vuln/detail/CVE-2021-32439
[ 67 ] CVE-2021-32440
https://nvd.nist.gov/vuln/detail/CVE-2021-32440
[ 68 ] CVE-2021-33361
https://nvd.nist.gov/vuln/detail/CVE-2021-33361
[ 69 ] CVE-2021-33362
https://nvd.nist.gov/vuln/detail/CVE-2021-33362
[ 70 ] CVE-2021-33363
https://nvd.nist.gov/vuln/detail/CVE-2021-33363
[ 71 ] CVE-2021-33364
https://nvd.nist.gov/vuln/detail/CVE-2021-33364
[ 72 ] CVE-2021-33365
https://nvd.nist.gov/vuln/detail/CVE-2021-33365
[ 73 ] CVE-2021-33366
https://nvd.nist.gov/vuln/detail/CVE-2021-33366
[ 74 ] CVE-2021-36412
https://nvd.nist.gov/vuln/detail/CVE-2021-36412
[ 75 ] CVE-2021-36414
https://nvd.nist.gov/vuln/detail/CVE-2021-36414
[ 76 ] CVE-2021-36417
https://nvd.nist.gov/vuln/detail/CVE-2021-36417
[ 77 ] CVE-2021-36584
https://nvd.nist.gov/vuln/detail/CVE-2021-36584
[ 78 ] CVE-2021-40559
https://nvd.nist.gov/vuln/detail/CVE-2021-40559
[ 79 ] CVE-2021-40562
https://nvd.nist.gov/vuln/detail/CVE-2021-40562
[ 80 ] CVE-2021-40563
https://nvd.nist.gov/vuln/detail/CVE-2021-40563
[ 81 ] CVE-2021-40564
https://nvd.nist.gov/vuln/detail/CVE-2021-40564
[ 82 ] CVE-2021-40565
https://nvd.nist.gov/vuln/detail/CVE-2021-40565
[ 83 ] CVE-2021-40566
https://nvd.nist.gov/vuln/detail/CVE-2021-40566
[ 84 ] CVE-2021-40567
https://nvd.nist.gov/vuln/detail/CVE-2021-40567
[ 85 ] CVE-2021-40568
https://nvd.nist.gov/vuln/detail/CVE-2021-40568
[ 86 ] CVE-2021-40569
https://nvd.nist.gov/vuln/detail/CVE-2021-40569
[ 87 ] CVE-2021-40570
https://nvd.nist.gov/vuln/detail/CVE-2021-40570
[ 88 ] CVE-2021-40571
https://nvd.nist.gov/vuln/detail/CVE-2021-40571
[ 89 ] CVE-2021-40572
https://nvd.nist.gov/vuln/detail/CVE-2021-40572
[ 90 ] CVE-2021-40573
https://nvd.nist.gov/vuln/detail/CVE-2021-40573
[ 91 ] CVE-2021-40574
https://nvd.nist.gov/vuln/detail/CVE-2021-40574
[ 92 ] CVE-2021-40575
https://nvd.nist.gov/vuln/detail/CVE-2021-40575
[ 93 ] CVE-2021-40576
https://nvd.nist.gov/vuln/detail/CVE-2021-40576
[ 94 ] CVE-2021-40592
https://nvd.nist.gov/vuln/detail/CVE-2021-40592
[ 95 ] CVE-2021-40606
https://nvd.nist.gov/vuln/detail/CVE-2021-40606
[ 96 ] CVE-2021-40607
https://nvd.nist.gov/vuln/detail/CVE-2021-40607
[ 97 ] CVE-2021-40608
https://nvd.nist.gov/vuln/detail/CVE-2021-40608
[ 98 ] CVE-2021-40609
https://nvd.nist.gov/vuln/detail/CVE-2021-40609
[ 99 ] CVE-2021-40942
https://nvd.nist.gov/vuln/detail/CVE-2021-40942
[ 100 ] CVE-2021-40944
https://nvd.nist.gov/vuln/detail/CVE-2021-40944
[ 101 ] CVE-2021-41456
https://nvd.nist.gov/vuln/detail/CVE-2021-41456
[ 102 ] CVE-2021-41457
https://nvd.nist.gov/vuln/detail/CVE-2021-41457
[ 103 ] CVE-2021-41458
https://nvd.nist.gov/vuln/detail/CVE-2021-41458
[ 104 ] CVE-2021-41459
https://nvd.nist.gov/vuln/detail/CVE-2021-41459
[ 105 ] CVE-2021-44918
https://nvd.nist.gov/vuln/detail/CVE-2021-44918
[ 106 ] CVE-2021-44919
https://nvd.nist.gov/vuln/detail/CVE-2021-44919
[ 107 ] CVE-2021-44920
https://nvd.nist.gov/vuln/detail/CVE-2021-44920
[ 108 ] CVE-2021-44921
https://nvd.nist.gov/vuln/detail/CVE-2021-44921
[ 109 ] CVE-2021-44922
https://nvd.nist.gov/vuln/detail/CVE-2021-44922
[ 110 ] CVE-2021-44923
https://nvd.nist.gov/vuln/detail/CVE-2021-44923
[ 111 ] CVE-2021-44924
https://nvd.nist.gov/vuln/detail/CVE-2021-44924
[ 112 ] CVE-2021-44925
https://nvd.nist.gov/vuln/detail/CVE-2021-44925
[ 113 ] CVE-2021-44926
https://nvd.nist.gov/vuln/detail/CVE-2021-44926
[ 114 ] CVE-2021-44927
https://nvd.nist.gov/vuln/detail/CVE-2021-44927
[ 115 ] CVE-2021-45258
https://nvd.nist.gov/vuln/detail/CVE-2021-45258
[ 116 ] CVE-2021-45259
https://nvd.nist.gov/vuln/detail/CVE-2021-45259
[ 117 ] CVE-2021-45260
https://nvd.nist.gov/vuln/detail/CVE-2021-45260
[ 118 ] CVE-2021-45262
https://nvd.nist.gov/vuln/detail/CVE-2021-45262
[ 119 ] CVE-2021-45263
https://nvd.nist.gov/vuln/detail/CVE-2021-45263
[ 120 ] CVE-2021-45266
https://nvd.nist.gov/vuln/detail/CVE-2021-45266
[ 121 ] CVE-2021-45267
https://nvd.nist.gov/vuln/detail/CVE-2021-45267
[ 122 ] CVE-2021-45288
https://nvd.nist.gov/vuln/detail/CVE-2021-45288
[ 123 ] CVE-2021-45289
https://nvd.nist.gov/vuln/detail/CVE-2021-45289
[ 124 ] CVE-2021-45291
https://nvd.nist.gov/vuln/detail/CVE-2021-45291
[ 125 ] CVE-2021-45292
https://nvd.nist.gov/vuln/detail/CVE-2021-45292
[ 126 ] CVE-2021-45297
https://nvd.nist.gov/vuln/detail/CVE-2021-45297
[ 127 ] CVE-2021-45760
https://nvd.nist.gov/vuln/detail/CVE-2021-45760
[ 128 ] CVE-2021-45762
https://nvd.nist.gov/vuln/detail/CVE-2021-45762
[ 129 ] CVE-2021-45763
https://nvd.nist.gov/vuln/detail/CVE-2021-45763
[ 130 ] CVE-2021-45764
https://nvd.nist.gov/vuln/detail/CVE-2021-45764
[ 131 ] CVE-2021-45767
https://nvd.nist.gov/vuln/detail/CVE-2021-45767
[ 132 ] CVE-2021-45831
https://nvd.nist.gov/vuln/detail/CVE-2021-45831
[ 133 ] CVE-2021-46038
https://nvd.nist.gov/vuln/detail/CVE-2021-46038
[ 134 ] CVE-2021-46039
https://nvd.nist.gov/vuln/detail/CVE-2021-46039
[ 135 ] CVE-2021-46040
https://nvd.nist.gov/vuln/detail/CVE-2021-46040
[ 136 ] CVE-2021-46041
https://nvd.nist.gov/vuln/detail/CVE-2021-46041
[ 137 ] CVE-2021-46042
https://nvd.nist.gov/vuln/detail/CVE-2021-46042
[ 138 ] CVE-2021-46043
https://nvd.nist.gov/vuln/detail/CVE-2021-46043
[ 139 ] CVE-2021-46044
https://nvd.nist.gov/vuln/detail/CVE-2021-46044
[ 140 ] CVE-2021-46045
https://nvd.nist.gov/vuln/detail/CVE-2021-46045
[ 141 ] CVE-2021-46046
https://nvd.nist.gov/vuln/detail/CVE-2021-46046
[ 142 ] CVE-2021-46047
https://nvd.nist.gov/vuln/detail/CVE-2021-46047
[ 143 ] CVE-2021-46049
https://nvd.nist.gov/vuln/detail/CVE-2021-46049
[ 144 ] CVE-2021-46051
https://nvd.nist.gov/vuln/detail/CVE-2021-46051
[ 145 ] CVE-2021-46234
https://nvd.nist.gov/vuln/detail/CVE-2021-46234
[ 146 ] CVE-2021-46236
https://nvd.nist.gov/vuln/detail/CVE-2021-46236
[ 147 ] CVE-2021-46237
https://nvd.nist.gov/vuln/detail/CVE-2021-46237
[ 148 ] CVE-2021-46238
https://nvd.nist.gov/vuln/detail/CVE-2021-46238
[ 149 ] CVE-2021-46239
https://nvd.nist.gov/vuln/detail/CVE-2021-46239
[ 150 ] CVE-2021-46240
https://nvd.nist.gov/vuln/detail/CVE-2021-46240
[ 151 ] CVE-2021-46311
https://nvd.nist.gov/vuln/detail/CVE-2021-46311
[ 152 ] CVE-2021-46313
https://nvd.nist.gov/vuln/detail/CVE-2021-46313
[ 153 ] CVE-2022-1035
https://nvd.nist.gov/vuln/detail/CVE-2022-1035
[ 154 ] CVE-2022-1172
https://nvd.nist.gov/vuln/detail/CVE-2022-1172
[ 155 ] CVE-2022-1222
https://nvd.nist.gov/vuln/detail/CVE-2022-1222
[ 156 ] CVE-2022-1441
https://nvd.nist.gov/vuln/detail/CVE-2022-1441
[ 157 ] CVE-2022-1795
https://nvd.nist.gov/vuln/detail/CVE-2022-1795
[ 158 ] CVE-2022-2453
https://nvd.nist.gov/vuln/detail/CVE-2022-2453
[ 159 ] CVE-2022-2454
https://nvd.nist.gov/vuln/detail/CVE-2022-2454
[ 160 ] CVE-2022-2549
https://nvd.nist.gov/vuln/detail/CVE-2022-2549
[ 161 ] CVE-2022-3178
https://nvd.nist.gov/vuln/detail/CVE-2022-3178
[ 162 ] CVE-2022-3222
https://nvd.nist.gov/vuln/detail/CVE-2022-3222
[ 163 ] CVE-2022-3957
https://nvd.nist.gov/vuln/detail/CVE-2022-3957
[ 164 ] CVE-2022-4202
https://nvd.nist.gov/vuln/detail/CVE-2022-4202
[ 165 ] CVE-2022-24249
https://nvd.nist.gov/vuln/detail/CVE-2022-24249
[ 166 ] CVE-2022-24574
https://nvd.nist.gov/vuln/detail/CVE-2022-24574
[ 167 ] CVE-2022-24575
https://nvd.nist.gov/vuln/detail/CVE-2022-24575
[ 168 ] CVE-2022-24576
https://nvd.nist.gov/vuln/detail/CVE-2022-24576
[ 169 ] CVE-2022-24577
https://nvd.nist.gov/vuln/detail/CVE-2022-24577
[ 170 ] CVE-2022-24578
https://nvd.nist.gov/vuln/detail/CVE-2022-24578
[ 171 ] CVE-2022-26967
https://nvd.nist.gov/vuln/detail/CVE-2022-26967
[ 172 ] CVE-2022-27145
https://nvd.nist.gov/vuln/detail/CVE-2022-27145
[ 173 ] CVE-2022-27146
https://nvd.nist.gov/vuln/detail/CVE-2022-27146
[ 174 ] CVE-2022-27147
https://nvd.nist.gov/vuln/detail/CVE-2022-27147
[ 175 ] CVE-2022-27148
https://nvd.nist.gov/vuln/detail/CVE-2022-27148
[ 176 ] CVE-2022-29339
https://nvd.nist.gov/vuln/detail/CVE-2022-29339
[ 177 ] CVE-2022-29340
https://nvd.nist.gov/vuln/detail/CVE-2022-29340
[ 178 ] CVE-2022-29537
https://nvd.nist.gov/vuln/detail/CVE-2022-29537
[ 179 ] CVE-2022-30976
https://nvd.nist.gov/vuln/detail/CVE-2022-30976
[ 180 ] CVE-2022-36186
https://nvd.nist.gov/vuln/detail/CVE-2022-36186
[ 181 ] CVE-2022-36190
https://nvd.nist.gov/vuln/detail/CVE-2022-36190
[ 182 ] CVE-2022-36191
https://nvd.nist.gov/vuln/detail/CVE-2022-36191
[ 183 ] CVE-2022-38530
https://nvd.nist.gov/vuln/detail/CVE-2022-38530
[ 184 ] CVE-2022-43039
https://nvd.nist.gov/vuln/detail/CVE-2022-43039
[ 185 ] CVE-2022-43040
https://nvd.nist.gov/vuln/detail/CVE-2022-43040
[ 186 ] CVE-2022-43042
https://nvd.nist.gov/vuln/detail/CVE-2022-43042
[ 187 ] CVE-2022-43043
https://nvd.nist.gov/vuln/detail/CVE-2022-43043
[ 188 ] CVE-2022-43044
https://nvd.nist.gov/vuln/detail/CVE-2022-43044
[ 189 ] CVE-2022-43045
https://nvd.nist.gov/vuln/detail/CVE-2022-43045
[ 190 ] CVE-2022-43254
https://nvd.nist.gov/vuln/detail/CVE-2022-43254
[ 191 ] CVE-2022-43255
https://nvd.nist.gov/vuln/detail/CVE-2022-43255
[ 192 ] CVE-2022-45202
https://nvd.nist.gov/vuln/detail/CVE-2022-45202
[ 193 ] CVE-2022-45204
https://nvd.nist.gov/vuln/detail/CVE-2022-45204
[ 194 ] CVE-2022-45283
https://nvd.nist.gov/vuln/detail/CVE-2022-45283
[ 195 ] CVE-2022-45343
https://nvd.nist.gov/vuln/detail/CVE-2022-45343
[ 196 ] CVE-2022-46489
https://nvd.nist.gov/vuln/detail/CVE-2022-46489
[ 197 ] CVE-2022-46490
https://nvd.nist.gov/vuln/detail/CVE-2022-46490
[ 198 ] CVE-2022-47086
https://nvd.nist.gov/vuln/detail/CVE-2022-47086
[ 199 ] CVE-2022-47087
https://nvd.nist.gov/vuln/detail/CVE-2022-47087
[ 200 ] CVE-2022-47088
https://nvd.nist.gov/vuln/detail/CVE-2022-47088
[ 201 ] CVE-2022-47089
https://nvd.nist.gov/vuln/detail/CVE-2022-47089
[ 202 ] CVE-2022-47091
https://nvd.nist.gov/vuln/detail/CVE-2022-47091
[ 203 ] CVE-2022-47092
https://nvd.nist.gov/vuln/detail/CVE-2022-47092
[ 204 ] CVE-2022-47093
https://nvd.nist.gov/vuln/detail/CVE-2022-47093
[ 205 ] CVE-2022-47094
https://nvd.nist.gov/vuln/detail/CVE-2022-47094
[ 206 ] CVE-2022-47095
https://nvd.nist.gov/vuln/detail/CVE-2022-47095
[ 207 ] CVE-2022-47653
https://nvd.nist.gov/vuln/detail/CVE-2022-47653
[ 208 ] CVE-2022-47654
https://nvd.nist.gov/vuln/detail/CVE-2022-47654
[ 209 ] CVE-2022-47656
https://nvd.nist.gov/vuln/detail/CVE-2022-47656
[ 210 ] CVE-2022-47657
https://nvd.nist.gov/vuln/detail/CVE-2022-47657
[ 211 ] CVE-2022-47658
https://nvd.nist.gov/vuln/detail/CVE-2022-47658
[ 212 ] CVE-2022-47659
https://nvd.nist.gov/vuln/detail/CVE-2022-47659
[ 213 ] CVE-2022-47660
https://nvd.nist.gov/vuln/detail/CVE-2022-47660
[ 214 ] CVE-2022-47661
https://nvd.nist.gov/vuln/detail/CVE-2022-47661
[ 215 ] CVE-2022-47662
https://nvd.nist.gov/vuln/detail/CVE-2022-47662
[ 216 ] CVE-2022-47663
https://nvd.nist.gov/vuln/detail/CVE-2022-47663

Availability

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

https://security.gentoo.org/glsa/202408-21

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users’ machines is of utmost
importance to us. Any security concerns should be addressed to
[email protected] or alternatively, you may file a bug at
https://bugs.gentoo.org.

License

Copyright 2024 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Related news

Stealthy Malware Has Infected Thousands of Linux Systems for Years

Perfctl malware is hard to detect, persists after reboots, and can perform a breadth of malicious activities.

New Linux Malware ‘Perfctl’ Targets Millions by Mimicking System Files

New Linux malware ‘Perfctl’ is targeting millions worldwide, mimicking system files to evade detection. This sophisticated malware compromises…

New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking

Linux servers are the target of an ongoing campaign that delivers a stealthy malware dubbed perfctl with the primary aim of running a cryptocurrency miner and proxyjacking software. "Perfctl is particularly elusive and persistent, employing several sophisticated techniques," Aqua security researchers Assaf Morag and Idan Revivo said in a report shared with The Hacker News. "When a new user logs

Near-'perfctl' Fileless Malware Targets Millions of Linux Servers

Armed with a staggering arsenal of at least 20,000 different exploits for various Linux server misconfigurations, perfctl is everywhere, annoying, and tough to get rid of.

Exposed Selenium Grid Servers Targeted for Crypto Mining and Proxyjacking

Internet-exposed Selenium Grid instances are being targeted by bad actors for illicit cryptocurrency mining and proxyjacking campaigns. "Selenium Grid is a server that facilitates running test cases in parallel across different browsers and versions," Cado Security researchers Tara Gould and Nate Bill said in an analysis published today. "However, Selenium Grid's default configuration lacks

Hackers Proxyjack &amp; Cryptomine Selenium Grid Servers

A vendor honeypot caught two attacks intended to leverage the tens of thousands of exposed Selenium Grid Web app testing servers.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.

CVE-2022-47654: buffer overflow in gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c:8261 · Issue #2350 · gpac/gpac

GPAC MP4box 2.1-DEV-rev593-g007bf61a0 is vulnerable to Buffer Overflow in gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c:8261

CVE-2022-47663: buffer overflow in h263dmx_process filters/reframe_h263.c:609 · Issue #2360 · gpac/gpac

GPAC MP4box 2.1-DEV-rev649-ga8f438d20 is vulnerable to buffer overflow in h263dmx_process filters/reframe_h263.c:609

CVE-2022-47662: Infinite recursion in Media_GetSample isomedia/media.c:662 · Issue #2359 · gpac/gpac

GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 has a segmentation fault (stack overflow) due to infinite recursion in Media_GetSample isomedia/media.c:662

CVE-2022-47661: heap-buffer-overflow media_tools/av_parsers.c:4988 in gf_media_nalu_add_emulation_bytes · Issue #2358 · gpac/gpac

GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 is vulnerable to Buffer Overflow via media_tools/av_parsers.c:4988 in gf_media_nalu_add_emulation_bytes

CVE-2022-47660: integer overflow in isomedia/isom_write.c:4931 · Issue #2357 · gpac/gpac

GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 has an integer overflow in isomedia/isom_write.c

CVE-2022-47658: buffer overflow in function gf_hevc_read_vps_bs_internal of media_tools/av_parsers.c:8039 · Issue #2356 · gpac/gpac

GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to buffer overflow in function gf_hevc_read_vps_bs_internal of media_tools/av_parsers.c:8039

CVE-2022-47657: buffer overflow in function hevc_parse_vps_extension of media_tools/av_parsers.c:7662 · Issue #2355 · gpac/gpac

GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to buffer overflow in function hevc_parse_vps_extension of media_tools/av_parsers.c:7662

CVE-2022-47656: buffer overflow in gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c:8273 · Issue #2353 · gpac/gpac

GPAC MP4box 2.1-DEV-rev617-g85ce76efd is vulnerable to Buffer Overflow in gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c:8273

CVE-2022-47653: buffer overflow in eac3_update_channels function of media_tools/av_parsers.c:9113 · Issue #2349 · gpac/gpac

GPAC MP4box 2.1-DEV-rev593-g007bf61a0 is vulnerable to Buffer Overflow in eac3_update_channels function of media_tools/av_parsers.c:9113

CVE-2022-47095: Buffer overflow in hevc_parse_vps_extension function of media_tools/av_parsers.c · Issue #2346 · gpac/gpac

GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer overflow in hevc_parse_vps_extension function of media_tools/av_parsers.c

CVE-2022-47094: Null pointer dereference filters/dmx_m2ts.c:343 in m2tsdmx_declare_pid · Issue #2345 · gpac/gpac

GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Null pointer dereference via filters/dmx_m2ts.c:343 in m2tsdmx_declare_pid

CVE-2022-47093: heap-use-after-free filters/dmx_m2ts.c:470 in m2tsdmx_declare_pid · Issue #2344 · gpac/gpac

GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to heap use-after-free via filters/dmx_m2ts.c:470 in m2tsdmx_declare_pid

CVE-2022-47092: Integer overflow in gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c:8316 · Issue #2347 · gpac/gpac

GPAC MP4box 2.1-DEV-rev574-g9d5bb184b contains an integer overflow vulnerability in gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c:8316

CVE-2022-47091: Buffer overflow in gf_text_process_sub function of filters/load_text.c · Issue #2343 · gpac/gpac

GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow in gf_text_process_sub function of filters/load_text.c

CVE-2022-47087: Buffer overflow in gf_vvc_read_pps_bs_internal function of media_tools/av_parsers.c · Issue #2339 · gpac/gpac

GPAC MP4box 2.1-DEV-rev574-g9d5bb184b has a Buffer overflow in gf_vvc_read_pps_bs_internal function of media_tools/av_parsers.c

CVE-2022-47086: missing check in gf_sm_load_init_swf, causing Segmentation fault · Issue #2337 · gpac/gpac

GPAC MP4Box v2.1-DEV-rev574-g9d5bb184b contains a segmentation violation via the function gf_sm_load_init_swf at scene_manager/swf_parse.c

CVE-2022-46490: Memory leak in afrt_box_read function of box_code_adobe.c:706:35 · Issue #2327 · gpac/gpac

GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contain a memory leak via the afrt_box_read function at box_code_adobe.c.

CVE-2022-46489: Memory leak in gf_isom_box_parse_ex function of box_funcs.c:166:13 · Issue #2328 · gpac/gpac

GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contain a memory leak via the gf_isom_box_parse_ex function at box_funcs.c.

CVE-2022-47089: Buffer overflow in gf_vvc_read_sps_bs_internal function of media_tools/av_parsers.c · Issue #2338 · gpac/gpac

GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow via gf_vvc_read_sps_bs_internal function of media_tools/av_parsers.c

CVE-2022-45283: GPAC-2.0.0 MP4Box: stack overflow with unlimited length and controllable content in smil_parse_time_list · Issue #2295 · gpac/gpac

GPAC MP4box v2.0.0 was discovered to contain a stack overflow in the smil_parse_time_list parameter at /scenegraph/svg_attributes.c.

CVE-2022-45343: Heap use after free in Q_IsTypeOn at gpac/src/bifs/unquantize.c · Issue #2315 · gpac/gpac

GPAC v2.1-DEV-rev478-g696e6f868-master was discovered to contain a heap use-after-free via the Q_IsTypeOn function at /gpac/src/bifs/unquantize.c.

CVE-2022-4202

A vulnerability, which was classified as problematic, was found in GPAC 2.1-DEV-rev490-g68064e101-master. Affected is the function lsr_translate_coords of the file laser/lsr_dec.c. The manipulation leads to integer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-214518 is the identifier assigned to this vulnerability.

CVE-2022-45204: Memory Leak in dimC_box_read at isomedia/box_code_3gpp.c:1060 · Issue #2307 · gpac/gpac

GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to contain a memory leak via the function dimC_box_read at isomedia/box_code_3gpp.c.

CVE-2022-45202: Stack buffer overflow in function dimC_box_read at isomedia/box_code_3gpp.c:1070 · Issue #2296 · gpac/gpac

GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to contain a stack overflow via the function dimC_box_read at isomedia/box_code_3gpp.c.

CVE-2022-3957: fixed mem leak in sgv parse error · gpac/gpac@2191e66

A vulnerability classified as problematic was found in GPAC. Affected by this vulnerability is the function svg_parse_preserveaspectratio of the file scenegraph/svg_attributes.c of the component SVG Parser. The manipulation leads to memory leak. The attack can be launched remotely. The name of the patch is 2191e66aa7df750e8ef01781b1930bea87b713bb. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-213463.

CVE-2022-43254: Memory Leak in gf_list_new utils/list.c:601 · Issue #2284 · gpac/gpac

GPAC v2.1-DEV-rev368-gfd054169b-master was discovered to contain a memory leak via the component gf_list_new at utils/list.c.

CVE-2022-43255: Memory Leak in gf_odf_new_iod odf/odf_code.c:415 · Issue #2285 · gpac/gpac

GPAC v2.1-DEV-rev368-gfd054169b-master was discovered to contain a memory leak via the component gf_odf_new_iod at odf/odf_code.c.

CVE-2022-43039: SEGV isomedia/meta.c:1929 in gf_isom_meta_restore_items_ref · Issue #2281 · gpac/gpac

GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function gf_isom_meta_restore_items_ref at /isomedia/meta.c.

CVE-2022-43040: heap-buffer-overflow isomedia/box_funcs.c:2074 in gf_isom_box_dump_start_ex · Issue #2280 · gpac/gpac

GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a heap buffer overflow via the function gf_isom_box_dump_start_ex at /isomedia/box_funcs.c.

CVE-2022-43043: SEGV BD_CheckSFTimeOffset bifs/field_decode.c:58 · Issue #2276 · gpac/gpac

GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function BD_CheckSFTimeOffset at /bifs/field_decode.c.

CVE-2022-43044: SEGV isomedia/meta.c:177 in gf_isom_get_meta_item_info · Issue #2282 · gpac/gpac

GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function gf_isom_get_meta_item_info at /isomedia/meta.c.

CVE-2022-43045: SEGV scene_manager/scene_dump.c:693 in gf_dump_vrml_sffield · Issue #2277 · gpac/gpac

GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function gf_dump_vrml_sffield at /scene_manager/scene_dump.c.

CVE-2022-43042: heap-buffer-overflow isomedia/isom_intern.c:227 in FixSDTPInTRAF · Issue #2278 · gpac/gpac

GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a heap buffer overflow via the function FixSDTPInTRAF at isomedia/isom_intern.c.

CVE-2022-3222: Segmentation Fault in SFS_Expression in gpac

Uncontrolled Recursion in GitHub repository gpac/gpac prior to 2.1.0-DEV.

CVE-2022-3178: fixed #2255 · gpac/gpac@7751077

Buffer Over-read in GitHub repository gpac/gpac prior to 2.1.0-DEV.

CVE-2022-38530: AddressSanitizer: stack-overflow when processing ISOM_IOD · Issue #2216 · gpac/gpac

GPAC v2.1-DEV-rev232-gfcaa01ebb-master was discovered to contain a stack overflow when processing ISOM_IOD.

CVE-2022-36191: heap-buffer-overflow in function gf_isom_dovi_config_get · Issue #2218 · gpac/gpac

A heap-buffer-overflow had occurred in function gf_isom_dovi_config_get of isomedia/avc_ext.c:2490, as demonstrated by MP4Box. This vulnerability was fixed in commit fef6242.

CVE-2022-36190: Heap Use After Free in function gf_isom_dovi_config_get · Issue #2220 · gpac/gpac

GPAC mp4box 2.1-DEV-revUNKNOWN-master has a use-after-free vulnerability in function gf_isom_dovi_config_get. This vulnerability was fixed in commit fef6242.

CVE-2022-36186: A NULL pointer dereference in gf_filter_pid_set_property_full · Issue #2223 · gpac/gpac

A Null Pointer dereference vulnerability exists in GPAC 2.1-DEV-revUNKNOWN-master via the function gf_filter_pid_set_property_full() at filter_core/filter_pid.c:5250, which causes a Denial of Service (DoS). This vulnerability was fixed in commit b43f9d1.

CVE-2022-2549: fixed #2232 · gpac/gpac@0102c5d

NULL Pointer Dereference in GitHub repository gpac/gpac prior to v2.1.0-DEV.

CVE-2022-2453

Use After Free in GitHub repository gpac/gpac prior to 2.1-DEV.

CVE-2022-2454: fixed #2213 · gpac/gpac@faa75ed

Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.1-DEV.

CVE-2021-40608: BUG: free on unknown address in MP4BOX at gf_hinter_track_finalize media_tools/isom_hinter.c:956 · Issue #1883 · gpac/gpac

The gf_hinter_track_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.

CVE-2021-40609: heap-buffer-overflow in MP4BOX at source file src/isomedia/hint_track.c:46 · Issue #1894 · gpac/gpac

The GetHintFormat function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.

CVE-2021-40606: Bug: Memcpy from unknown address in MP4BOX at src/utils/bitstream.c:1028 · Issue #1885 · gpac/gpac

The gf_bs_write_data function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.

CVE-2021-40607: BUG: heap-buffer-overflow in MP4Box at src/isomedia/schm_box_size:179 · Issue #1879 · gpac/gpac

The schm_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command.

CVE-2021-40944: Null pointer reference in GPAC at src/filter_core/filter_pid.c:5394 · Issue #1906 · gpac/gpac

In GPAC MP4Box 1.1.0, there is a null pointer reference in the gf_filter_pid_get_packet function in src/filter_core/filter_pid.c:5394, as demonstrated by GPAC. This can cause a denial of service (DoS).

CVE-2021-40942: heap-buffer-overflow in MP4Box at filter_core/filter.c:1454 · Issue #1908 · gpac/gpac

In GPAC MP4Box v1.1.0, there is a heap-buffer-overflow in the filter_parse_dyn_args function in filter_core/filter.c:1454, as demonstrated by GPAC. This can cause a denial of service (DoS).

CVE-2021-41458: SEGV on unknown address in MP4Box at src/utils/error.c:1769 in gf_blob_get · Issue #1910 · gpac/gpac

In GPAC MP4Box v1.1.0, there is a stack buffer overflow at src/utils/error.c:1769 which leads to a denial of service vulnerability.

CVE-2021-40592: Infinite Loop in MP4Box · Issue #1876 · gpac/gpac

GPAC version before commit 71460d72ec07df766dab0a4d52687529f3efcf0a (version v1.0.1 onwards) contains loop with unreachable exit condition ('infinite loop') vulnerability in ISOBMFF reader filter, isoffin_read.c. Function isoffin_process() can result in DoS by infinite loop. To exploit, the victim must open a specially crafted mp4 file.

CVE-2022-1795: Use After Free in gpac

Use After Free in GitHub repository gpac/gpac prior to v2.1.0-DEV.

CVE-2022-30976: gpac/gpac.1 at 105d67985ff3c3f4b98a98f312e3d84ae77a4463 · gpac/gpac

GPAC 2.0.0 misuses a certain Unicode utf8_wcslen (renamed gf_utf8_wcslen) function in utils/utf.c, resulting in a heap-based buffer over-read, as demonstrated by MP4Box.

CVE-2022-1441: fixed #2175 · gpac/gpac@3dbe11b

MP4Box is a component of GPAC-2.0.0, which is a widely-used third-party package on RPM Fusion. When MP4Box tries to parse a MP4 file, it calls the function `diST_box_read()` to read from video. In this function, it allocates a buffer `str` with fixed length. However, content read from `bs` is controllable by user, so is the length, which causes a buffer overflow.

CVE-2022-27145: There is a stack-overflow detected by AddressSanitizer · Issue #2108 · gpac/gpac

GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a stack-overflow vulnerability in function gf_isom_get_sample_for_movie_time of mp4box.

CVE-2022-24577: NULL Pointer Dereference in gpac

GPAC 1.0.1 is affected by a NULL pointer dereference in gf_utf8_wcslen. (gf_utf8_wcslen is a renamed Unicode utf8_wcslen function.)

CVE-2022-24249: Null Pointer Dereference when dealing with XtraBox · Issue #2081 · gpac/gpac

A Null Pointer Dereference vulnerability exists in GPAC 1.1.0 via the xtra_box_write function in /box_code_base.c, which causes a Denial of Service. This vulnerability was fixed in commit 71f9871.

CVE-2021-21837: TALOS-2021-1297 || Cisco Talos Intelligence Group

Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability.

CVE-2021-21861: TALOS-2021-1298 || Cisco Talos Intelligence Group

An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. When processing the 'hdlr' FOURCC code, a specially crafted MPEG-4 input can cause an improper memory allocation resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability.

Packet Storm: Latest News

Acronis Cyber Protect/Backup Remote Code Execution